Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland.

Similar presentations


Presentation on theme: "Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland."— Presentation transcript:

1 Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland

2 Arc of Authentication History Define Trusted 3 rd Party Authentication (TTPA) Place TTPA in current computing trend Advantages Challenges Technology Single Sign-On (SSO) & Identity Management (IdM) Security’s Stake Discussion Advanced topics o Multi-factor authentication o Identity acceptance from 3 rd parties Overview

3 Source: A Brief History of Authentication

4 Source: “The Cloud” This is where our romance gets rocky

5 An entity two parties, who may have no knowledge about each other, trust. In this case the 3 rd party is used to facilitate authentication and/or exchange of attributes What is a Trusted 3 rd Party

6

7 The rise of BUI and the “Cloud” are pushing more enterprise and workgroup solutions to to HTTP/S and off our networks. - Google Apps, Office365 - AWS, Google App Engine - Salesforce - DocuSign - Box.net, DropBox Trend in Enterprise IT

8

9 Service providers never have user authentication credentials Service providers do not need to manage accounts Single, uniformed login interface Signed assertions are difficult to forge Advantages

10 Not all IdP and SP get along Need to negotiate attribute release and formatting Single Sign-on can create an inconsistent user experience since SP can tune behavior Not getting cross eyed reading XML Challenges

11 Shibboleth Microsoft Active Directory Federation Services Central Authentication Service (CAS) Homegrown SAML generator/interrupter Security Assertion Markup Language How can we do this?

12 Signle Sign-on (SSO) Identity Management (IdM) Hitchhiker & a Dependency

13 Increases the value of a credential Access auditing Authorization Provisioning/deprovisioning become tied to roles and attributes Confidence in assertion exchange Security’s stake in all this.

14 What are you doing for centralized web authentication? Would you consider it trusted 3 rd party authentication and do you have any brief tips or lessons you can share? Discussion

15 Multi-factor authentication o Can be a vended solution o Phone, SMS, smartphone app, hardware Identity acceptance from 3 rd parties (Facebook, Google, Twitter, etc.) Advanced Topics

16 https://incommon.org/ Google “MS ADFS” Resources

17 Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland


Download ppt "Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland."

Similar presentations


Ads by Google